ImageMagick < 6.9.13-48 / 7.x < 7.1.2-23 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior to 7.1.2-23. It is, therefore, affected by multiple vulnerabilities: - A crafted MSL image can trigger a heap-use-after-free in the MSL decoder. CVE-2026-46523 - Due to a missing depth check, a stack...

Off-by-one Error

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Off-by-one Error

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

Off-by-one Error

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder. An attacker can cause a single-byte heap buffer overwrite by specifying certain options. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Advisory -...

Out-of-bounds Write

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Unity Linux 20.1070e Security Update: gstreamer1-plugins-good (UTSA-2026-017386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017386 advisory. DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemuxinflate function which causes a segfault, or could...

Astra Linux - уязвимость в grub2

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the...

Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using Zlib decompression. Integer overflow occurs in the matroskademux element within the gstmatroskadecompressdata function, which can cause a segfault—or potentially a heap overwrite, depending on the libc and operating system. Depending on the...

Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using BZIP decompression. Integer overflow in the Matroskademux element within the BZIP decompression function can cause a segfault, or it may lead to a heap overwrite, depending on the libc and operating system used. Depending on the libc used an...

Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using LZO decompression. Integer overflow in the Matroskademux element within the LZO decompression function can cause a segfault, or potentially a heap overwrite, depending on the libc and operating system. Depending on the libc used and the...

Astra Linux - уязвимость в gst-plugins-good1.0

Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...

Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite in qtdemux using zlib decompression. Integer overflow in the qtdemux element within the qtdemuxinflate function can lead to a segfault, or it may cause a heap overwrite, depending on the libc and operating system. Depending on the libc used and the underlying operati...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevented possible heap overwriting. In riocmcdevioctlRIOCMCHANSEND → cmchanmsgsend → riocmchsend, cmchanmsgsend checks that the user space did not send too much data. However, riocmchsend failed to check...

Astra Linux - уязвимость в gst-plugins-good1.0

Integer overflow in the matroskademux element within the gstmatroskademuxaddwvpkheader function, which allows for a heap overwrite during the parsing of Matroska files. There is a potential for arbitrary code execution due to the heap overwrite...

[slackware-security] gnutls

New gnutls packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gnutls-3.8.13-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Add more checks to DTLS reassembly. Previously, gnut...

Debian dla-4540 : libmupdf-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4540 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4540-1 [email protected] https://www.debian.org/lts/security/...

CVE-2026-31853 ImageMagick has a heap buffer over-write on 32-bit systems in SFW decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...